Encryption is a process of translating a message, called the plaintext, into an encoded message, called the ciphertext. This is usually accomplished using a secret key and a cryptographic cipher. Two basic types of encryption are commonly used: symmetric encryption, where a single secret key is used for both encryption and decryption and asymmetric encryption, where a pair of keys is used—one for encryption and the other for decryption.
The use of encryption/decryption is a good idea when carrying out any kind of sensitive transaction, such as a credit-card purchase online, or the discussion of a company secret between different departments in the organization. The stronger the cipher—that is, the harder it is for unauthorized people to break it—the better, in general.
An application called atomic proxy re-encryption is a mechanism by which a semi-trusted proxy converts a ciphertext for a first user (Alice) into a ciphertext for a second user (Bob) without seeing the underlying plaintext. It is expected that fast and secure re-encryption will become increasingly popular as a method for managing encrypted file systems. Although efficiently computable, the widespread adoption of re-encryption has been hindered by considerable security risks.
A methodology for delegating decryption rights was first introduced by Mambo and Okamoto purely as an efficiency improvement over traditional decrypt-and-then-encrypt approaches. Blaze, Bleumer, and Strauss (BBS) proposed the notion of “atomic proxy cryptography,” in which a semi-trusted proxy computes a re-encryption function given a re-encryption key that converts ciphertexts for Alice into ciphertexts for Bob without seeing the underlying plaintext.
Jakobsson developed a quorum-based protocol where the proxy is divided into sub-components, each controlling a share of the re-encryption key. In this approach the keys of the delegator are safe so long as some of the proxies are honest. A similar approach was considered by Zhou, Mars, Schneider and Redz. Recently, Dodis and Ivan realized unidirectional proxy encryption for Elgamal, RSA, and an IBE scheme by sharing the user's secret key between two parties. In their unidirectional Elgamal scheme, Alice's secret key s is divided into two shares s1 and s2, where s=s1+s2, and distributed to the proxy and Bob. On receiving ciphertexts of the form (mgsk, gk), the proxy first computes (mgsk/(gk)s1), which Bob can decrypt as (mgs2k/gk)s2)=m.
Proxy re-encryption has many applications including, but not limited to, email forwarding, law enforcement, and performing cryptographic operations on storage-limited devices. In particular, proxy cryptography has natural applications to secure network file storage.